Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qedi: Fixed a possible memory leak in qediallocandinitsb. The hook “qediops-common-sbinit = qedsbinit” does not release the DMA-mapped memory sbvirt when it fails. Added dmafreecoherent to release this memory. This is th...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fixed a use-after-free bug in qediremove In qediprobe, we call qediprobe, which initializes &qedi-recoverywork with qedirecoveryhandler and &qedi-boarddisablework with qediboarddisablework. When...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000269)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000269 advisory. An issue was discovered in drivers/scsi/qedi/qedidbg.c in the Linux kernel before 5.1.12. In the qedidbg family of functions, there is an out-of-bounds read. Tenable...

SUSE CVE-2023-54100

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qediremove In qediprobe we call qediprobe which initializes &qedi-recoverywork with qedirecoveryhandler and &qedi-boarddisablework with qediboarddisablework. When qedischedulerecoveryhandler ...

Linux Distros Unpatched Vulnerability : CVE-2023-54100

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: qedi: Fix use after free bug in qediremove In qediprobe we call qediprobe which initializes &qedi-recoverywork with qedirecoveryhandler and...

EUVD-2023-60345

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qediremove In qediprobe we call qediprobe which initializes &qedi-recoverywork with qedirecoveryhandler and &qedi-boarddisablework with qediboarddisablework. When qedischedulerecoveryhandler ...

CVE-2023-54100

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qediremove In qediprobe we call qediprobe which initializes &qedi-recoverywork with qedirecoveryhandler and &qedi-boarddisablework with qediboarddisablework. When qedischedulerecoveryhandler ...

CVE-2023-54100

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qediremove In qediprobe we call qediprobe which initializes &qedi-recoverywork with qedirecoveryhandler and &qedi-boarddisablework with qediboarddisablework. When qedischedulerecoveryhandler ...

UBUNTU-CVE-2023-54100

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qediremove In qediprobe we call qediprobe which initializes &qedi-recoverywork with qedirecoveryhandler and &qedi-boarddisablework with qediboarddisablework. When qedischedulerecoveryhandler ...

CVE-2023-54100 scsi: qedi: Fix use after free bug in qedi_remove()

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qediremove In qediprobe we call qediprobe which initializes &qedi-recoverywork with qedirecoveryhandler and &qedi-boarddisablework with qediboarddisablework. When qedischedulerecoveryhandler ...

CVE-2023-54100 scsi: qedi: Fix use after free bug in qedi_remove()

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qediremove In qediprobe we call qediprobe which initializes &qedi-recoverywork with qedirecoveryhandler and &qedi-boarddisablework with qediboarddisablework. When qedischedulerecoveryhandler ...

CVE-2023-54100

The CVE-2023-54100 entry describes a Linux kernel use-after-free in the qedi driver during removal. The bug stems from __qedi_remove() not ensuring recovery_work and board_disable_work are finished before cleanup, leaving scheduled work active during removal. The published fix cancels recovery_wo...

CLSA-2025-1763722365 kernel: Fix of 62 CVEs

wifi: mwifiex: Fix OOB and integer underflow when rx packets CVE-2023-53226 CVE-2023-53226 - wifi: mac80211: check S1G action frame size CVE-2023-53257 CVE-2023-53257 - wifi: cfg80211: fix use-after-free in cmpbss CVE-2025-39864 CVE-2025-39864 - partitions: mac: fix handling of bogus partition...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56747)

scsi: qedi: vulnerability involves a potential memory leak in qediallocandinitsb where the DMA memory sbvirt is not released upon failure, which is fixed by adding dmafreecoherent to free the memory, similar to other functions like qedrallocmemsb and qedeallocmemsb. This plugin only works with...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990534)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990534 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990343)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990343 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989316)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989316 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-40978)

scsi: qedi: crash while reading debugfs attribute. The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986367)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986367 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function...